Approved changes feed: RSS · Atom
cpe:2.3:a:netwin:webmail:3.1d:*:*:*:*:*:*:*
part: a version: 3.1d update: *
| Vendor | Netwin (84440f9c-0c8f-54f6-a00b-4d1ca5722029) |
|---|---|
| Product | Webmail (db694985-2ac8-523f-a22d-5bd465406854) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2004-2548 |
vulnerable | 2026-06-08 04:48:10.141530 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).
Published: 2005-11-21T11:00:00.000Z
Updated: 2024-08-08T01:29:14.076Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2547 |
vulnerable | 2026-06-08 04:48:10.139889 |
Details available
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
Published: 2005-11-21T11:00:00.000Z
Updated: 2024-08-08T01:29:14.042Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.